CCE-99331-1Platform: cpe:/o:microsoft:windows_11 | Date: (C)2023-01-13 (M)2023-07-04 |
Title:
Domain-joined systems must use windows 11 Enterprise Edition 64-bit version.
Description:
Features such as Credential Guard use virtualization based security to protect information that could be used in credential theft attacks if compromised. There are a number of system requirements that must be met in order for Credential Guard to be configured and enabled properly. Virtualization based security and Credential Guard are only available with windows 11 Enterprise 64-bit version.
Check Text:
Verify domain-joined systems are using windows 11 Enterprise Edition 64-bit version.
For standalone systems, this is NA.
Open "Settings".
Select "System", then "About".
If "Edition" is not "windows 11 Enterprise", this is a finding.
If "System type" is not "64-bit operating system…", this is a finding.
Fix:
Use windows 11 Enterprise 64-bit version for domain-joined systems.
Parameter:
[yes/no]
Technical Mechanism:
Use windows 11 Enterprise 64-bit version for domain-joined systems.
CCSS Severity: | CCSS Metrics: |
CCSS Score : 9.8 | Attack Vector: NETWORK |
Exploit Score: 3.9 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: CRITICAL | User Interaction: NONE |
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:86883 |